Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Borux.png
-
Size
21KB
-
Sample
230402-l4st9sfg56
-
MD5
161c2cf23c01ee0d37689fc51458ec7f
-
SHA1
b864444ecdcd427209155971ee0a91913d2cd304
-
SHA256
435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04
-
SHA512
7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0
-
SSDEEP
384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B
Static task
static1
Behavioral task
behavioral1
Sample
Borux.png
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
Borux.png
-
Size
21KB
-
MD5
161c2cf23c01ee0d37689fc51458ec7f
-
SHA1
b864444ecdcd427209155971ee0a91913d2cd304
-
SHA256
435469a7278571ddb7b2cf629323c105839862df407d90135e8e311bf3fe6b04
-
SHA512
7fcd9a981886307a44db5c6661e613a7bdf2c0cb5113de4654e4bb85870de10bef7a8032a2e33bf4c2443ae31c1c26315080905c0d407f2ac1dcb7aa3ee59df0
-
SSDEEP
384:0jBy2lR1p4nhwiddxLPwwnuLUd0eEx0/LnbnMBBVQu8+y+B:kNrpwiiv59nl0eEx0/vnMxq+y+B
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-